Overview
- Description
- The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.
- Source
- cybersecurity@dahuatech.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
Known exploits
Data from CISA
- Vulnerability name
- Dahua IP Camera Authentication Bypass Vulnerability
- Exploit added on
- Aug 21, 2024
- Exploit action due
- Sep 11, 2024
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Weaknesses
- nvd@nist.gov
- CWE-287
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dahuasecurity:ipc-hum7xxx_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C0356805-3ECF-4C6F-B2BF-95D507736C44",
"versionEndExcluding": "2.820.0000000.5.r.210705"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:ipc-hum7xxx:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5AE9ACB0-4CB3-4CF5-A007-15EE977D782E"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dahuasecurity:ipc-hx3xxx_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E0D17050-41CA-4808-8ED3-F332FD00B551",
"versionEndExcluding": "2.800.0000000.29.r.210630"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:ipc-hx3xxx:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8936A118-4AB5-4B09-A9FD-E624A68315BD"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dahuasecurity:ipc-hx5xxx_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F20DC69-B735-4547-826D-E4C42A39FE82",
"versionEndExcluding": "2.820.0000000.5.r.210705"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:ipc-hx5xxx:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F2838BDA-97FF-498E-BC81-955D31B9227A"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dahuasecurity:nvr-1xxx_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FA1C3935-C83B-4A1A-BEEE-EF93F7722972",
"versionEndExcluding": "4.001.0000005.1.r.210709"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:nvr-1xxx:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7780D1BE-ABE0-4890-B493-36FA0A4B3266"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dahuasecurity:nvr-2xxx_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "795EF8B2-5E6D-46EB-9F66-85F2C71B2619",
"versionEndExcluding": "4.001.0000000.1.r.210710"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:nvr-2xxx:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "89E3F7B3-3C51-49C1-BAEC-DA4235D5A06D"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dahuasecurity:nvr-4xxx_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1386662B-C3DE-467A-8F41-F18BDE7B9726",
"versionEndExcluding": "4.001.0000005.1.r.210713"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:nvr-4xxx:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "58ECDC49-09D4-4E62-AC11-E3C52C656A9D"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dahuasecurity:nvr-5xxx_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "06A6B28A-2E0D-4E45-904A-66FEE5D85262",
"versionEndExcluding": "4.001.0000000.0.r.210710"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:nvr-5xxx:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DE621958-8AE2-44E0-9E41-94BC964CDF57"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dahuasecurity:nvr-6xx_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "90D5A1B3-88D5-4E5E-A88B-59409D41956C",
"versionEndExcluding": "4.001.0000001.1.r.210716"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:nvr-6xx:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9EEAC798-870E-4DE6-B7DB-44FAF5360CE5"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dahuasecurity:vth-542xh_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6F1138DD-7149-4191-BF6B-5176B8EF3A07",
"versionEndExcluding": "4.500.0000002.0.r.210715"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:vth-542xh:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "72039FDA-344D-4961-BB1B-E6F32EAFD7C2"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dahuasecurity:vto-65xxx_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4AC98964-DBDE-438C-A0E7-BF11D1BBC4B0",
"versionEndExcluding": "4.300.0000004.0.r.210715"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:vto-65xxx:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9438ADC0-C8F4-48E1-A905-9914A3AE715E"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dahuasecurity:vto-75x95x_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A3FFF94A-7F57-49D2-A6BA-5B58064C41C5",
"versionEndExcluding": "4.300.0000003.0.r.210714"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:vto-75x95x:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B205125D-5A33-49B0-A2BA-BD833D107924"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dahuasecurity:xvr-4x04_firmware:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5BFB4B89-FD66-4A9E-9163-8E27730012C8"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:xvr-4x04:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "97031A47-9275-45CD-AFBB-A906A3A37D71"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dahuasecurity:xvr-4x08_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "83753916-EBB9-4378-9448-79B33EA851C7",
"versionEndExcluding": "4.001.0000001.1.r.210709"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:xvr-4x08:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D6962025-38D1-4B8E-9C51-2806599F8779"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dahuasecurity:xvr-4x04_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C3D44B80-93EF-41AD-9BFD-B363CC8356CF",
"versionEndExcluding": "4.001.0000001.1.r.210709"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:xvr-4x04:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "97031A47-9275-45CD-AFBB-A906A3A37D71"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dahuasecurity:xvr-5x04_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "44FAD9FC-F99A-45DE-A8FA-031CD0F4680E",
"versionEndExcluding": "4.001.0000003.1.r.210710"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:xvr-5x04:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F496B4C1-062B-4C6E-9F8C-C3B49D4D98EF"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dahuasecurity:xvr-5x08_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AEAA6256-9F3D-43C7-858C-D07025EE5400",
"versionEndExcluding": "4.001.0000003.1.r.210710"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:xvr-5x08:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "AA245352-2E71-4401-AB16-1CA8D827D858"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dahuasecurity:xvr-5x16_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4C5D8D60-F5A5-42B2-830B-E4D89828988F",
"versionEndExcluding": "4.001.0000003.1.r.210710"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:xvr-5x16:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "60F64F53-4C08-48A1-A3EB-F3EB5A1C0631"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dahuasecurity:xvr-7x16_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "22635FB9-7898-457B-938B-9946CFC9EE73",
"versionEndExcluding": "4.001.0000003.1.r.210710"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:xvr-7x16:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "95CC3087-2310-4520-8B69-4F21F6F78197"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:dahuasecurity:xvr-7x32_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5D80CC1B-87EC-44BF-A453-A57350A4C061",
"versionEndExcluding": "4.001.0000003.1.r.210710"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:dahuasecurity:xvr-7x32:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "06268CD6-0DFD-4501-9D4E-AA25E14B215E"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]